Principal Digital Forensics Analyst

23 Nov 2024

Vacancy expired!

Principal Digital Forensics Analyst in Charlotte, North Carolina Posted 04/12/21

TEAM YOU'LL BE JOINING:
  • Diversified Fortune 100 healthcare company
  • Over $60 billion in revenue, focused on providing local solutions to ensure accessibility, quality, and culturally attentive healthcare programs
  • Voted one of Fortune's Most Admired Companies for 2019
WHAT THEY OFFER YOU:
  • A career focused on developing your skillset while providing value through new ideas and innovative thinking
  • Employee development and growth opportunities: learn new skills, cross paths with other disciplines, and grow within the organization
  • Collaborative environment: work with a team to provide quality healthcare solutions coast-to-coast
  • Work with purpose every day in an environment built around helping others
  • Excellent benefits package including Medical, Dental, and Vision coverage in addition to other benefits such as tuition reimbursement/educational assistance, paid company holidays, and adoption reimbursement.
WHAT YOU WILL DO:
  • Plan and build capabilities to establish and mature the forensics program.
  • Conduct detailed technical analysis of internal systems to find indicators of compromise, identify malicious activity, establish timelines of events, and propose technical fixes.
  • Architect, design, and build forensic processes and technology. Provide requirements and assist the team in building a forensics lab to meet the needs of the program.
  • Establish and mature the forensic program. Incorporate best-in-class processes and technology from the Digital Forensics and Incident Response (DFIR) community.
  • Collect, preserve, and analyze digital evidence from electronic data sources, including laptops, desktops, servers, and infrastructure devices.
  • Investigate incidents, leveraging common forensics tools to analyze memory, hard drive, malware, and network-based artifacts.
  • Prepare and review written technical reports that document case findings and lead the internal development of DFIR policies and procedures.
QUALIFICATIONS:
  • Bachelor's degree in Computer Science, IT, Security, Forensics or related field.
  • 7+ years of cyber security, forensics, incident response, or threat hunting experience.
  • Creation of Intelligence Reports and Products
  • Data source identification, collection, enrichment, and analysis; endpoint and network security analysis
  • Creation, research and mitigation of memory corruption vulnerabilities and exploits
  • Malware analysis or Reverse Engineering
  • Splunk (SIEM) experience in custom queries, searches, creating correlated alerts, and dashboard creation
  • Nessus or Nexpose vulnerability scanning, configuration and report generation experience